This page (like others in the Useless Trivia space) exist to provide analysis and review of computer security in films. Reviews of usernames and passwords used in these films will be mentioned as they can be found and identified.

The KGB, My Computer and Me: Docmentary-Drama with some comedy

If you have read Clifford Stoll's book called "The Cookoo's Egg" then you have a more detailed accounting of the events leading up to the the resolutlion of the initial $0.75 accounting discrepency on the system accounting and use than what is found in this film. Originally aired in U.S. on the PBS (Public Broadcasting System) I found this to be informative, entertaining and enjoyable.

Information about this film (from the film):

Clifford starts working at LBL (Lawrence Berkeley Labs) because his Astronomer grant money runs out

Dave Cleavland (FIXME: Spell name) (described by Clifford Stoll as a real wizard) points out to Clifford a $0.75 discrepency in the resource accounting software report

Which does not really look like a password file, and the UID do not look like the common 16 bit UID often used in UNIX systems. (Several UID exceed the max size for unsigned 16 bit int.)
You will notice in the list that appears on the screen that we also see "Bensen" (mentioned later in the film.)
Clifford's solution to the $0.75 problem was to delete the "Hunter" account.

Second event: e-mail from "docmaster" about breakin attempt from LBL machines.

There is mention of password echoing not existing to avoid risk for shoulder surfing.

Account Sventek was used to attack docmaster.

Clifford makes a program to list users as they login and their tty. The movie shows some of these:

sykes tt14
chan tt11
Sventek tt23

MOTD for LBL machine "Welcome to LBL" (see this on printer)

Film illustrates "security hole used to gain root access":

mail program allows delivery of mail to the system area
hacker makes a program that can be run by the system
hacker mails program to system i such a way that it will appear in a
specific location
That location was used by a cron job that would execute programs on a regular
basis (every 5 minutes.)

White Belnap (FIXME:spelling of name) bring in a Logic Analyzer to "sniff" session data on the line. We see a screen on the Logic Analyzer that shows incoming and outgoing data on the same screen. I would assume that characters that are inbound are one color (white on black) while outgoing characters are in inverse video (black on white). This explains the double entry of characters as characters are entered and then echoed back to the sender for display. (In this "session" below, "?" are used to specify "unprintble characters" while I use "#" to specify "CR" and "%" to specify "LF"

It is not quite clear to me, but the username is obviously "sventek" in the stream above. Looking for a password, I do not see any obvious candidates. Ideal candidates would be white text on black background in sequence (not separated by inverse video characters), as password characters would not be echoed back to the caller. We see what looks like the word "fine" is typed and then later a "finger" command is issued.
The next character transmitted by the client (in this case) is a single "CR" (Carriage Return) which would suggest to me, that if this was a standard login, that the password was empty or blank for this demo. Even more likely, is that this demo did not include a session on the Logic Analyzer that was actually a login. (Notice we do not see the word "Login:" in the stream? Notice how we do not see the keyword "Password" in the stream?) Perhaps this is supposed to be an unathenticated rlogin...

Username "hunter" is used on a taken Army computer.

Account names used by hacker on other systems: "Hunter", "Hedges", "Jaeger" and "Benson" (these printed on screen.)

There are cases where, during the documentary, Clifford Stoll uses the word "password" to describe the username of an account

(C) 2006, 2005, 2004, 2003, 2002, 2001 Passwall.com. Copyright Information: Any of the above content that was created by me may be copied so long as each copy includes this copyright and links back to this site with reference to source and the content not be used for financial gain.

(C) 2006, 2005, 2004, 2003, 2002, 2001 of information included above with explicit credit to people other than me who have submitted documentation, additions, corrections. You will need to get their permission to use their included content.

I do not provide screenshots from movies, or downloadable movies for any films to avoid issues with Copyright infringement. It is my intention to legally provide news, information, trivia, and discussion about films and ensure content is not illegally reproduced. If you control Copyright to any of these movies and will extend to me permission is writing to capture screenshot images to be used on the web, please let me know!

If you have suggestions on additions, feel free to e-mail them to me. Please use valid e-mail addresses so I can reply to you. I like to offer credit to people for their submissions. When you provide your submission, please specify what name should be credited with the information provided and if you would like to have an e-mail link to your address or a URL to your home page.